Google sues Chinese cybercrime ring for using Gemini AI to build massive fraud operation

Google fires sueball at alleged Chinese phishers over AI-powered fraud ops

Telegram-based 'Outsider Enterprise' accused of sending millions of scam texts and impersonating trusted brands Google has sued an alleged China-based cybercrime operation it says used AI-powered phishing kits to blast out millions of scam text messages and funnel victims to fake websites designed to steal passwords, payment cards, and other sensitive information. The complaint targets a group Google refers to as the "Outsider Enterprise," which the company describes as a sprawling criminal network that operates on Telegram and supplies phishing tools to other fraudsters. According to Google's filing, the operation has been linked to more than 9,000 fraudulent websites, over one million malicious URLs, and scams that have allegedly defrauded hundreds of thousands of people. The group's biz model centers on distributing phishing kits that enable criminals to impersonate Google and other trusted brands through large-scale text message campaigns, Google claims. Victims are directed to fraudulent websites designed to steal login credentials, payment card details, and other sensitive information, it adds. Google's allegation is not that AI is somehow breaking into people's phones, but rather that the technology appears to have been used to help churn out phishing content, allowing the operation to push more scams, more quickly, and with less effort. Android users flagged more than 55,000 spam texts linked to the operation during a two-week period in May, we're told, while the company detected roughly 2.5 million messages containing links to Outsider-controlled websites sent to Android devices during the same time frame. The lawsuit forms part of a broader effort involving federal law enforcement and US telecom providers. Google said it is coordinating with the FBI, AT&T, T-Mobile, and Verizon to disrupt the infrastructure behind the campaigns and block malicious messages before they reach users. "The criminals behind the Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims," said Brett Leatherman, assistant director of the FBI's Cyber Division. "Criminals increasingly use AI to make fraud like this more convincing and harder to detect. Together with partners like Google, we can disrupt criminal networks in ways no single organization could on its own." The lawsuit may never put the alleged operators in a courtroom, but it could still help pull apart the infrastructure behind the campaigns. ®

Google sues Chinese scammers using Gemini AI for fraud - Engadget

The company is also promoting legislation to fight the potential of AI to create 'massive' scams. Google sued a Chinese cybercrime network for using its Gemini AI to perpetuate a "massive" scam operation, the company announced. The search giant has coordinated with the FBI, along with carriers AT&T, T-Mobile and Verizon to dismantle the operation. Google is also advocating for updated laws to deal with AI-driven attacks, saying the technology has the potential to "supercharge" threats. "This is our first coordinated effort and lawsuit and that speaks to the breadth of impact that this particular scam has," Google's general counsel DeLaine Prado told The New York Times in an interview. In its lawsuit, Google accused a Chinese organization called Outsider Enterprise of employing its technology and brand to commit fraud, requesting a restraining order so that the network can be shut down. The group allegedly used Gemini to create websites imitating Google, YouTube and government organizations including the US Postal Service and New York's E-ZPass toll service. Google didn't reveal what internal measures it took to address the issue, given it is in control of Gemini. The scam has impacted "hundreds of thousands of victims," Google said, with losses estimated in the millions. The group created 9,000 fake websites and one million fraudulent URLs, while creating 55,000 spam texts flagged by Android users and 2.5 million messages with links to fraudulent websites over just a two-week period. Google notes that all of this is from a single operation, which is why it's advocating for no less than seven bipartisan bills to curtail future AI scams. Those include the "National Strategy for Combatting Scams Act," "Strategic Task Force on Scam Prevention Act," "STOP Scams Against Seniors Act" and the AI Plan act. "This is not spam. It is organized transnational crime moving through our phones, and it demands a response as coordinated and aggressive as the threat itself," said congressman Brian Fitzpatrick (R-Pennsylvania). "Criminals increasingly use AI to make fraud like this more convincing and harder to detect," added FBI assistant director Brett Leatherman. "And we need a permanent solution to bring them to justice."

Google sues scam ring that used Gemini AI to build fraud sites

Google has sued a suspected Chinese cybercrime group called the Outsider Enterprise for sending 2.5 million fraudulent text messages to Android users. The scammers allegedly used Google's Gemini chatbot to code malicious websites, coordinated via Telegram, and generated 9,000 fake sites and over one million fraudulent URLs. Google has filed a lawsuit against a suspected Chinese cybercrime operation it calls the Outsider Enterprise, alleging the group sent more than 2.5 million fraudulent text messages to Android users over a two-week period in May. The messages contained links to fake websites designed to steal personal information, and the scammers reportedly used Google's own Gemini chatbot to help build those sites. The complaint, first reported by Bloomberg, accuses the network of targeting hundreds of thousands of people across the United States. According to Google, the operation generated 9,000 fake websites and more than one million fraudulent URLs. How the operation worked The Outsider Enterprise coordinated through Telegram, distributing links via text messages that impersonated Google and other trusted brands. The messages contained urgent warnings about supposedly compromised accounts or alerts about package tracking. Once users clicked, they were redirected to websites that asked for confidential information. The scammers reportedly encouraged one another to use Gemini to write the custom code necessary to create those malicious websites, according to the complaint. A pattern of escalation The lawsuit marks Google's second major legal action against China-based text message scam operations in seven months. In November 2025, the company filed a RICO lawsuit against a group it called Lighthouse, which operated a "phishing-as-a-service" platform selling ready-made scam kits. That earlier operation was accused of compromising between 15 million and 100 million credit cards in the US alone, according to CNBC. Google said a temporary restraining order effectively shut Lighthouse down within hours of the complaint being filed. The Outsider Enterprise case follows the same playbook but adds a new dimension: the explicit use of generative AI as a tool in the scam supply chain. Where Lighthouse sold phishing kits, Outsider's members allegedly used Gemini to generate code for their own operations. The AI misuse problem keeps growing The allegation that scammers used Gemini to build fraudulent infrastructure sits within a broader pattern of AI tools being weaponised for cybercrime. Google's own Threat Intelligence Group reported in May 2026 that state-sponsored actors from China, North Korea, and Russia are using AI for vulnerability research, autonomous malware development, and supply chain attacks. ESET, the cybersecurity firm, identified in February 2026 the first known Android malware to integrate generative AI directly into its execution flow. That malware, called PromptSpy, used the Gemini API to autonomously navigate victim devices. The cybersecurity industry's push toward governed AI has only intensified as these cases multiply. The pattern is clear: the same tools built to assist developers and consumers are being repurposed by criminal networks. Telecom companies joined the fight Google said it worked with AT&T, T-Mobile, and Verizon to block the Outsider Enterprise's texts from reaching potential victims. Nasrin Rezai, Verizon's chief information security officer, framed the effort as a cross-industry response. "We look forward to standing with Google, the telecom industry, and federal law enforcement in this coordinated effort to dismantle malicious domains and disrupt global cybercrime operations," Rezai said in a statement. The cooperation between a tech platform and the three largest US carriers reflects the scale of the threat. What the complaint does not say The complaint did not specify an estimated amount of money lost because of the spam messages. It also did not detail how many victims actually handed over personal information after clicking the fraudulent links. Meanwhile, China's own regulators have launched enforcement campaigns against AI misuse, targeting deepfakes, fraud, and disinformation. Whether those domestic efforts will address operations like the Outsider Enterprise, which allegedly targeted US consumers from China, remains an open question. The flags The 2.5 million messages and the 9,000 fake websites are figures cited from Google's own complaint, not independently verified totals. The complaint identifies the defendants as a suspected Chinese operation but does not name individual defendants. Bloomberg's report is the primary source for the lawsuit details. The specific claim that scammers used Gemini to write code for malicious websites comes from the complaint itself and has not been independently corroborated beyond Google's own filings.